Hacker News Comments on
Comprehensive Experimental Analyses of Automotive Attack Surfaces
USENIX
·
Youtube
·
4
HN points
·
5
HN comments
- This course is unranked · view top recommended courses
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this video.Some high-end luxury cars are remotely exploitable, to the point where attackers can control the breaks/engine/locks using a cell connection: http://youtu.be/bHfOziIwXic
A few years back, a joint UW-UCSD team showed that car systems are remotely exploitable. They were able to literally call the car's cell phone number and control the brakes/gas/door locks remotely.
⬐ anologwintermutThe above paper is one of two the UW/UCSD group wrote.⬐ gcr(oops, sorry about gratuitous use of "literally" -- i should learn not to editorialize better)
⬐ gcb0Is this resurfacing because of the journalist "killed" in his Mercedes while investigating the government?
This is a video from a UCSD researcher on malicious attacks on modern automobiles http://www.youtube.com/watch?v=bHfOziIwXicExamples of what can be done: Insert in the radio a CD containing a malicious WMA file that would play fine on the computer but once in the car could completely compromise the car electronics...
⬐ scotthWell that was eye-opening.⬐ contingenciesLink to the original paper and one additional paper: http://www.autosec.org/publications.htmlThe money shot - single image comparing all attack vectors: http://i.imgur.com/ylXoPmz.png
There's a third angle: Exploits.UCSD and UW researchers have demonstrated the ability for an attacker to take full control of many modern cars just by dialing the car's 3G modem.
By "full control", I mean everything from "unlock the doors and start the engine" to "engage/disable the brakes and stop the engine"
http://www.autosec.org/pubs/cars-oakland2010.pdfOver a range of experiments, both in the lab and in road tests, we demonstrate the ability to adversarially control a wide range of automotive functions and completely ignore driver input — including disabling the brakes, selectively braking individual wheels on demand, stopping the engine, and so on. We find that it is possible to bypass rudimentary network security protections within the car, such as maliciously bridging between our car’s two internal subnets.
Edit: No, they really did demonstrate these vulnerabilities on real cars, it's not a theoretical analysis. Here's a link to their full research talk: http://www.youtube.com/watch?v=bHfOziIwXic
⬐ FinsterUnfortunately, the article you cite is similar to OP's article.So, no, they didn't ACTUALLY dial a car's 3G modem. That is merely a theorized attack vector. There is no proof of concept here.In this paper we intentionally and explicitly skirt the question of a “threat model.” Instead, we focus primarily on what an attacker could do to a car if she was able to maliciously communicate on the car’s internal network. That said, this does beg the question of how she might be able to gain such access. While we leave a full analysis of the modern automobile’s attack surface to future research, we briefly describe here the two “kinds” of vectors by which one might gain access to a car’s internal networks.
⬐ tptacekThe comparison here oversimplifies. Avionics engineers are on this thread saying there's no physical/logical connectivity between RF and flight control systems. But that's not true of cars; we know cars do have at least some RF controls, and we're far less certain of the connectivity between CAN devices in a car than the avionics people are of the connectivity between ACARS and flight control.⬐ dguidoHere is a video of a similar attack being performed on a real car by another researcher who discovered the same vulnerabilities/attack vector in parallel to the academic team (1m30s):https://www.youtube.com/watch?v=bNDv00SGb6w
NOT theoretical.
⬐ gcrNo, they really did demonstrate these vulnerabilities on real cars, it's not a theoretical analysis. Here's a link to their full research talk: http://www.youtube.com/watch?v=bHfOziIwXicI've been to both the UW and UCSD security labs and have seen their videos. It's real.
This is ongoing work and honestly I cited the first article I could find.